Results 1 to 10 of 14

Thread: Part one of an ASM ghostwriting PoC script

Threaded View

  1. #1
    Senior Member ShadowMaster's Avatar
    Join Date
    Jul 2011
    Location
    /root
    Posts
    189

    Lightbulb Part one of an ASM ghostwriting PoC script

    This is now on github https://github.com/Shadow-Master/

    I'd like to start off by apologizing in advance. This is posted in the experts section for a reason. This is not a script for people who want to zOMG hax0R things. This is for people who appreciate hacking.
    While reading blog posts about AV bypass, one method described was ASM ghostwriting. I thought it was a really cool method, and wanted to look beyond static string replacement in the ASM code. So I came up with several ideas.

    The first part of my script (this part) is a parser. It will read in an ASM.s file, and output the stack and reg values acc. to its parser. Please read the readme for a more full explanation.

    The second two parts will be added to the main part, hopefully, and will be ASM generators/obfuscators and a static string replacement method.

    Again, I apologize for sounding like a jerk, but since this is made for people who write shellcode, and not just disassemble a metasploit payload, it *ONLY* reads in files of *VALID* ASM code. Please see the readme for what is considered valid.

    I am posting it here half-done for several reasons:
    1) Find any bugs.
    2) Comment about the script, and functionality you want added.
    3) Stoke people's interest, so I can gauge how much work I should be putting into it.
    4) Get people on the team to help me
    The help necessary is to come up with an engine of some sort to generate ASM code based on a saved framestate. Again, see the readme...

    I've included the script, the readme, and some test shellcode files. One will obviously fail.
    Last edited by ShadowMaster; 08-15-2012 at 03:46 PM.
    World Domination is such an ugly phrase. I prefer the term World Optimization.

Similar Threads

  1. Pentest Part one
    By pentest09 in forum BackTrack 5 Videos
    Replies: 9
    Last Post: 09-12-2011, 04:51 PM
  2. Replies: 6
    Last Post: 10-08-2010, 11:40 PM
  3. Replies: 10
    Last Post: 07-12-2010, 03:04 PM
  4. Knowing part of the key
    By new2bt3 in forum OLD Wireless
    Replies: 10
    Last Post: 05-31-2009, 09:09 AM
  5. BT3 USB Part 2
    By Crazy8 in forum OLD BT3beta General
    Replies: 4
    Last Post: 01-16-2008, 06:53 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •